Jump to content

Firefox - google hijack


Recommended Posts

Hi,

I'm embarrassed to ask as this should be an easy one and part of my job is removing virus' from people's computers but I can't seem to kick this one.

It's a regular google link hijack that only happens in Firefox when I start a new google search in a new window or sometimes tab. It redirects to another sponsored search of some kind - usually benign and simply annoying rather than dangerous - but of course you don't know what else is going on.

 

All Malwarebytes scans come up clean, as so Windows Defender and Hitman Pro. I have a full copy of Malware bytes.

 

here's the logs and thanks for any help:

 

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.21.2
Run by Robin at 22:07:22 on 2013-07-03
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.44.2057.18.16331.10818 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Program Files (x86)\nerds.de\LoopBe2\loough.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exe
C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
C:\PROGRA~2\Intuit\QUICKB~2\QBDBMgr.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\axlbridge.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\PROGRA~2\Intuit\QUICKB~2\dbextclr11.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wwahost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wwahost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [AdobeBridge] <no file>
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Copy] "C:\Users\Robin\AppData\Roaming\Copy\CopyAgent.exe"
StartupFolder: C:\Users\Robin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LOOPBE~1.LNK - C:\Program Files (x86)\nerds.de\LoopBe2\loough.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\QUICKB~2.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4B1870CC-4438-44F5-AC05-7B76DFBE8295} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{DC7A1243-58A3-4ACA-B15C-681C0F1FA88E} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll, C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 184.107.188.204 smithsonmartin.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\hpnratv8.default-1357556451162\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll
FF - plugin: C:\Users\Robin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
FF - plugin: C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-1 645952]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2012-11-13 56336]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-11-1 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-11-1 951936]
R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-7-6 2304912]
R2 DigiNet;Digidesign Ethernet Support;C:\Windows\System32\Drivers\diginet.sys [2012-12-18 23976]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-11-1 233328]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-1 7168]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-1 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-27 701512]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-11-9 6370680]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-1-30 1900728]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-5-18 2938880]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-4 4150112]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-1 365376]
R3 bomebus;Bome's Virtual MIDI Port Bus Service;C:\Windows\System32\Drivers\bomebus.sys [2013-1-10 34376]
R3 bomemidi;Bome's Virtual MIDI Port;C:\Windows\System32\Drivers\bomemidi.sys [2013-1-10 30792]
R3 debutfilter;Debut Filter Driver v6.10.01;C:\Windows\System32\Drivers\debutfilterx64.sys [2012-11-8 32024]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\Drivers\LEqdUsb.sys [2012-9-18 78648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\Drivers\LHidEqd.sys [2012-9-18 15160]
R3 LoopBe30;nerds.de LoopBe30 - Internal Midi Port SvcDesc(WDM);C:\Windows\System32\Drivers\loopbe30.sys [2011-2-26 16896]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-27 25928]
R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-3 23552]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 ysusb64;Yamaha Steinberg USB Audio;C:\Windows\System32\Drivers\ysusb64.sys [2013-1-29 113960]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S3 gbxavs;Maschine Midi;C:\Windows\System32\Drivers\gbxavs.sys [2011-7-7 357968]
S3 gbxusb_svc;Maschine Controller;C:\Windows\System32\Drivers\gbxusb.sys [2011-7-7 68688]
S3 iLokDrvr;Usb Driver;C:\Windows\System32\Drivers\iLokDrvr.sys [2012-5-16 25752]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
S3 MFWAMIDI64;MOTU Audio MIDI for 64 bit;C:\Windows\System32\Drivers\mfwamidi64.sys [2012-9-6 32408]
S3 MFWAWAVE64;MOTU Audio Wave for 64 bit;C:\Windows\System32\Drivers\mfwawave64.sys [2012-9-6 82584]
S3 MotuFWA64;MotuFWA64;C:\Windows\System32\Drivers\MotuFWA64.sys [2012-9-6 609944]
S3 rspLLL;rspLLL;C:\Windows\System32\Drivers\rspLLL64.sys [2013-6-4 23968]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 synusb64;eLicenser;C:\Windows\System32\Drivers\synusb64.sys [2012-11-1 30352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-07-03 10:33:55 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E40D2F26-F082-4733-A9DE-83D7BC0CD5AC}\mpengine.dll
2013-07-03 09:40:28 9552976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-07-03 09:21:53 -------- d---a-w- C:\.Trash-999
2013-06-28 02:41:51 243888 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10208.bin
2013-06-26 20:19:56 -------- d-----w- C:\Program Files\Common Files\Intuit
2013-06-25 10:34:53 -------- d-----w- C:\ProgramData\Codemasters
2013-06-24 19:21:47 -------- d-----w- C:\Program Files (x86)\Infogrames
2013-06-24 19:19:09 692224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-06-24 19:19:09 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-06-24 19:19:09 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-06-24 19:19:09 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-06-24 19:19:09 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-06-24 19:19:01 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-06-24 19:19:00 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-06-24 18:41:10 315904 ----a-w- C:\Windows\IsUninst.exe
2013-06-24 17:47:13 2829 ----a-w- C:\Windows\War3Unin.pif
2013-06-24 17:47:13 126976 ----a-w- C:\Windows\War3Unin.exe
2013-06-23 10:58:06 -------- d-----w- C:\Users\Robin\AppData\Roaming\Open DVD Ripper
2013-06-17 14:14:20 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2013-06-17 14:14:20 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-06-17 14:13:49 888320 ----a-w- C:\Windows\System32\autochk.exe
2013-06-17 14:13:49 793088 ----a-w- C:\Windows\SysWow64\autochk.exe
2013-06-17 14:13:49 542208 ----a-w- C:\Windows\System32\untfs.dll
2013-06-17 14:13:49 482816 ----a-w- C:\Windows\SysWow64\untfs.dll
2013-06-13 08:30:04 17271808 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-13 08:30:04 16642560 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-11 10:33:15 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-06-11 10:33:03 -------- d-----w- C:\Users\Robin\AppData\Roaming\Copy
2013-06-04 10:37:22 23968 ----a-w- C:\Windows\System32\drivers\rspLLL64.sys
2013-06-04 10:37:22 -------- d-----w- C:\Program Files\LatencyMon
.
==================== Find3M  ====================
.
2013-06-17 13:50:19 223 ---ha-w- C:\Windows\samborombon.dll
2013-06-04 22:09:22 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09:22 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe
2013-05-04 07:45:29 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:17 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll
2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:31 820736 ----a-w- C:\Windows\System32\gpprefcl.dll
2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:35 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll
2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll
2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll
2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-04 04:55:58 389632 ----a-w- C:\Windows\SysWow64\intl.cpl
2013-05-04 04:51:38 14848 ----a-w- C:\Windows\System32\rars.rs
2013-05-04 04:48:33 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-05-04 04:48:26 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys
2013-05-04 04:47:02 427520 ----a-w- C:\Windows\System32\drivers\rdbss.sys
2013-05-04 04:10:47 14848 ----a-w- C:\Windows\SysWow64\rars.rs
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-05-01 02:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 02:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-28 22:30:55 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-28 22:30:12 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-28 22:28:33 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-04-28 22:28:29 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-04-28 22:28:00 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-27 05:20:12 733184 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-23 23:13:53 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-04-23 23:12:44 1569792 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-04-23 23:12:44 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-04-23 22:56:35 1255936 ----a-w- C:\Windows\System32\certutil.exe
2013-04-23 22:55:48 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-04-23 22:55:48 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-04-23 22:55:48 141312 ----a-w- C:\Windows\System32\cryptnet.dll
2013-04-16 02:34:44 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-13 12:56:32 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-13 12:56:32 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-11 06:40:48 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-09 05:33:02 489576 ----a-w- C:\Windows\System32\AudioEng.dll
2013-04-09 05:33:02 446792 ----a-w- C:\Windows\System32\AudioSes.dll
2013-04-09 05:33:02 253544 ----a-w- C:\Windows\System32\audiodg.exe
2013-04-09 05:20:02 86280 ----a-w- C:\Windows\System32\kdnet.dll
2013-04-09 05:20:02 306952 ----a-w- C:\Windows\System32\kd_02_10ec.dll
2013-04-09 05:18:05 77960 ----a-w- C:\Windows\System32\kdvm.dll
2013-04-09 05:17:57 1829408 ----a-w- C:\Windows\System32\ntdll.dll
2013-04-09 04:52:07 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe
2013-04-09 04:52:07 373760 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2013-04-09 04:52:07 197120 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2013-04-09 04:52:07 126464 ----a-w- C:\Windows\System32\Robocopy.exe
2013-04-09 04:52:06 804352 ----a-w- C:\Windows\System32\RecoveryDrive.exe
2013-04-09 04:51:51 367616 ----a-w- C:\Windows\System32\conhost.exe
2013-04-09 04:51:45 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-04-09 04:51:41 99840 ----a-w- C:\Windows\System32\wscsvc.dll
.
============= FINISH: 22:07:30.63 ===============

 

Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro with Media Center
Boot Device: \Device\HarddiskVolume1
Install Date: 01/11/2012 10:54:51
System Uptime: 03/07/2013 10:40:17 (12 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | P8Z77-V
Processor: Intel® Core i7-3770K CPU @ 3.50GHz | LGA1155 | 3501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 20.98 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 1417.853 GiB free.
E: is FIXED (NTFS) - 1863 GiB total, 1572.628 GiB free.
F: is FIXED (NTFS) - 932 GiB total, 445.823 GiB free.
G: is CDROM ()
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP48: 24/06/2013 20:21:37 - Installed Enter The Matrix
RP49: 03/07/2013 11:27:58 - Installed DirectX
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Ableton Live 9 Suite
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Reader XI
Adobe Widget Browser
Adobe® Content Viewer
Amazon MP3 Downloader 1.0.18
Analog Laboratory v1_5_2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARP2600 V2 2.5.3
Artisteer 4
Assassin's Creed® III v1.03
Authorizer 1.0.5
Authorizer 2.0
Authorizer Ignition Key Support
Avid Effects
Avid HD Driver (x64)
Avid Pro Tools
Avid Virtual Instruments
bl
Bome's Virtual MIDI Port 1.0.0.11
Bonjour
Borderlands 2
Canon MG6100 series MP Drivers
Copy
CS-80V2 2.5.3
D3DX10
Debut Video Capture Software
Decimort 1.3.1 (64bit)
DEFCON
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Devastor 1.3.1 (64bit)
Dimension Pro 1.5
Dimension Pro Free Expansion Packs 1-3
Drumazon 1.5.1 (64bit)
DVD-Cloner V10.00 Build 1202
DVD Architect Pro 5.2
eLicenser Control
Emulator 1.4.4
Emulator 1.4.6
Emulator Modular 1.3
eReg
Far Cry 3
Fazortan 1.3.1 (64bit)
FL Studio 11
FlowStone FL 3.0
IL Download Manager
IL Shared Libraries
Intel® Management Engine Components
Intel® Network Connections 17.2.153.0
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 21
Java Auto Updater
Junk Mail filter update
Jupiter-8V2 2.5.3
LatencyMon 5.00
License Support
Line 6 Uninstaller
Livid Cell
Logitech SetPoint 6.51
LoopBe2 - Internal MIDI Ports
LuSH-101 1.0.0 (64bit)
Magic Bullet Suite 64-bit
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Home and Student 2013 - en-us
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MIDI-OX
Mini V 2.5.4
Modular V 2.6.3
Movie Maker
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 Parser and SDK
Native Instruments Abbey Road 60s Drums
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Abbey Road 70s Drums
Native Instruments Abbey Road 80s Drums
Native Instruments Abbey Road Modern Drums
Native Instruments Absynth 5
Native Instruments Alicias Keys
Native Instruments Balinese Gamelan
Native Instruments Battery 3
Native Instruments Battery Library Importer for Maschine
Native Instruments Berlin Concert Grand
Native Instruments Controller Editor
Native Instruments Evolve Mutations
Native Instruments Evolve Mutations 2
Native Instruments FM8
Native Instruments George Duke Soul Treasures
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig Elements for Maschine
Native Instruments Guitar Rig Mobile I/O
Native Instruments Guitar Rig Pro Library for Maschine
Native Instruments Guitar Rig Session I/O
Native Instruments Komplete 8 Ultimate
Native Instruments Komplete Elements Mk2
Native Instruments Kontakt 5
Native Instruments Kontakt Elements Selection R2
Native Instruments Kontakt Factory Library
Native Instruments Maschine
Native Instruments Maschine Controller
Native Instruments Maschine Controller Driver
Native Instruments Maschine Drum Selection
Native Instruments Massive
Native Instruments New York Concert Grand
Native Instruments Rammfire
Native Instruments Razor
Native Instruments Reaktor 5
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Prism
Native Instruments Reaktor Spark R2
Native Instruments Reflektor
Native Instruments Rig Kontrol 3
Native Instruments Scarbee Funk Guitarist
Native Instruments Scarbee Jay-Bass
Native Instruments Scarbee MM-Bass
Native Instruments Scarbee MM-Bass Amped
Native Instruments Scarbee Pre-Bass
Native Instruments Scarbee Pre-Bass Amped
Native Instruments Scarbee Vintage Keys
Native Instruments Service Center
Native Instruments Session Strings Pro
Native Instruments Studio Drummer
Native Instruments The Finger R2
Native Instruments The Mouth
Native Instruments Traktors 12
Native Instruments Transient Master
Native Instruments Upright Piano
Native Instruments VC 160
Native Instruments VC 2A
Native Instruments VC 76
Native Instruments Vienna Concert Grand
Native Instruments Vintage Organs
Native Instruments West Africa
Nepheton 1.5.1 (64bit)
Nithonat 1.5.1 (64bit)
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Graphics Driver 311.06
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
Oberheim SEM V 1.1.2
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Open DVD Ripper 3.40 Build 508
PDF Settings CS6
ph
Phoscyon 1.9.0 (64bit)
Photo Common
Photo Gallery
Picasa 3
Pidgin
PrimoPDF -- brought to you by Nitro PDF Software
Prism Video File Converter
Prophet-V2 2.5.3
PunkBuster Services
QuickBooks
QuickBooks Premier Edition 2008
QuickBooks Premier Edition 2013
QuickTime
Rapture 1.2.2
Realtek High Definition Audio Driver
Reason 6.0
Reason 6.5.1
Redoptor 1.3.1 (64bit)
Resolume Avenue 4.1.3
SeaTools for Windows
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Sibelius Scorch (Firefox, Opera, Netscape only)
SONAR X2 Producer x64
Sony Sound Forge 8.0d
Spark Vintage Drum Machines 1.0.2
Spotify
StageLight version 1.0 (3456)
Steam
Steinberg Cubase 6 64bit
Steinberg Cubase 7
Steinberg Cubase 7 64bit
Steinberg Dark Planet 64bit
Steinberg Drum Loop Expansion 01
Steinberg Eucon Adapter 6.5
Steinberg Eucon Adapter 6.5 64bit
Steinberg Groove Agent ONE Allen Morgan Signature Drums
Steinberg Groove Agent ONE Content
Steinberg Groove Agent ONE Vintage Beatboxes
Steinberg HALion Sonic SE
Steinberg HALion Sonic SE 64bit
Steinberg HALion Sonic SE Content
Steinberg HALionOne 64bit
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg Hypnotic Dance 64bit
Steinberg Instrument Set Dark Planet
Steinberg Instrument Set Hypnotic Dance
Steinberg Instrument Set Triebwerk
Steinberg Instrument Set Zero Gravity
Steinberg LoopMash Content
Steinberg LoopMash Content 2
Steinberg Midi Loop Library
Steinberg Padshop
Steinberg Padshop 64bit
Steinberg Retrologue
Steinberg Retrologue 64bit
Steinberg REVerence Content 01
Steinberg Triebwerk 64bit
Steinberg Upload Manager
Steinberg UR28M Applications
Steinberg VST Amp Rack Content 01
SupportSoft Assisted Service
Syntorus 1.3.1 (64bit)
TeamViewer 8
Toraverb 1.3.1 (64bit)
TouchOSC Bridge version 1.0.1
Unity Web Player
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay
Vegas Pro 11.0 (64-bit)
Vegas Pro 12.0 (64-bit)
Visual C++ 64-bit Redistributables
Visual C++ Redistributables
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
Warcraft III
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Wurlitzer V 1.0.2
Yamaha Steinberg USB Driver
.
==== Event Viewer Messages From Past Week ========
.
03/07/2013 11:27:20, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
03/07/2013 11:27:20, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
03/07/2013 10:42:43, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  The password for this account has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
03/07/2013 10:42:43, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a log-on failure.
02/07/2013 09:39:46, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa80179da490, 0x0000007bb4f5000c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070213-12187-01.
.
==== End Of File ===========================
 

 

 

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

 

Please run the following scans and post back the logs and we'll see about getting the box cleaned up.

 

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder.



Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt



STEP 03

Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus





STEP 04

Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.



STEP 05

button_eos.gif

Please go here to run the online antivirus scannner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


 

Thanks

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.